A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is written to the logs without obfuscation, which potentially carries a high risk if those logs are collected centrally. The token is typically valid for one year. This flaw allows a malicious user who has access to this sensitive information to jeopardize the environment.
Reserved 2024-10-03 | Published 2025-07-04 | Updated 2025-07-04 | Assigner redhat
Insertion of Sensitive Information into Log File
2024-10-03: Reported to Red Hat.
2025-07-04: Made public.
Red Hat would like to thank Aino de Vries for reporting this issue.
access.redhat.com/security/cve/CVE-2024-9453
bugzilla.redhat.com/show_bug.cgi?id=2316231 (RHBZ#2316231)